As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories
Continue ReadingMonth: September 2024
Mastercard Invests in Defense of Global Digital Economy With Acquisition of Recorded Future
Recorded Future is excited to announce that we are being acquired by one of the worlds most trusted and recognized companies, Mastercard, in a transaction valued at $2.65B. This marks an important milestone in our journey,
Continue ReadingProtecting Multi-Cloud Resources in the Era of Modern Cloud-Based Cyberattacks
Written by: Rupa Mukherjee, Jon Sabberton In the era of multi-cloud adoption, where organizations leverage diverse cloud platforms to optimize their operations, a new wave of security challenges have emerged. The expansion of attack surfaces beyond
Continue ReadingHygiene, Hygiene, Hygiene! [Guest Diary], (Wed, Sep 11th)
[This is a Guest Diary by Paul Olson, an ISC intern as part of the SANS.edu BACS program] Introduction Starting my internship with SANs Internet Storm Center [1] was daunting from the aspect of being unsure
Continue ReadingH1 2024: Malware and Vulnerability Trends Report
Summary:The "H1 2024 Malware and Vulnerability Trends Report" shares how threat actors refined their tactics and exploited zero-day vulnerabilities, leaving organizations increasingly vulnerable. Key trends include the rise of infostealer malware, which dominated the threat landscape,
Continue ReadingPython Libraries Used for Malicious Purposes, (Wed, Sep 11th)
Since I’m interested in malicious Python scripts, I found multiple samples that rely on existing libraries. The most-known repository is probably pypi.org[1] that reports, as of today, 567,478 projects! Malware developers are like regular developers: They
Continue ReadingISC Stormcast For Wednesday, September 11th, 2024 https://isc.sans.edu/podcastdetail/9134, (Wed, Sep 11th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingCisco Releases Security Updates for Cisco Smart Licensing Utility
Cisco released security updates to address two vulnerabilities (CVE-2024-20439 and CVE-2024-20440) in Cisco Smart Licensing Utility. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users
Continue ReadingCISA Adds Four Known Exploited Vulnerabilities to Catalog
CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-38226 Microsoft Publisher Security Feature Bypass Vulnerability CVE-2024-43491 Microsoft Windows Update Remote Code Execution Vulnerability CVE-2024-38014 Microsoft Windows Installer Privilege
Continue ReadingMicrosoft Releases September 2024 Security Updates
Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following
Continue Reading